NEAC chính thức chuyển đổi hạ tầng Root CA quốc gia nhằm nâng cao độ tin cậy và bảo mật cho hệ thống chứng thư chữ ký số. Khóa Root CA mới được cấp theo tên Bộ Khoa học và Công nghệ, đảm bảo tính pháp lý và sự ổn định cho các dịch vụ số hiện nay. #NEAC #RootCA #ChuyenDoiSo #BoKHCN #ChuKySo #DigitalTransformation #CyberSecurity #BảoMật #ChínhPhủĐiệnTử #EGovernment
https://vtcnews.vn/neac-chuyen-doi-ha-tang-root-ca-quoc-gia-ar989373.html
Game launcher installs Root CA certificate on your machine
https://github.com/SoapboxRaceWorld/GameLauncher_NFSW/issues/276
#HackerNews #GameLauncher #RootCA #Security #Vulnerability #GameLauncherIssues #Cybersecurity #PrivacyConcerns
Launcher Version: N/A Operating system: Windows Antivirus/Firewall (if any): N/A Wine/Mono Version (if any): N/A Hello, I've noticed that the launcher installs a custom Root CA certificate onto my ...
So I recently argued with our Security Guy at work, about how important it is to phase out SHA1-signed Root CA certs from our product’s root store.
My argument was like this
* it is a self-signed cert (Root CA, not intermediate)
* the way it becomes trusted is not through the signature
* the actual thing you are trusting is the public key, not the signature
* also, no browser, OS, or Java lib publishers are removing these
His argument was like this
* standards like NIST say don’t trust SHA-1 for anything important
* if we keep them, it’s not a good look for us
* we are currently not using those certs (e.g. Entrust two oldest CA’s) for anything at the moment
I asked him to explain the risk or a specific attack where breaking the signature (not the key) compromises anything, and apparently he “doesn’t have time to explain the basics to me” and I should go google it. Hmm
#sha1 #ssl #rootCA
Bei mir sehe ich in den #Android-Einstellungen von #LineageOS20 in der Sektion "Verschlüsselung & Anmeldedaten" einen ausgegrauten Menupunkt "Zertifikatsverwaltungs-App", den man nicht auswählen kann.
Was für eine App könnte man dafür nutzen? Kann man den Menupunkt irgendwie aktivieren? Oder geht das nur mit MDM?
Ich suche schon länger nach einer App, mit der man Einstellungen für aktivierte/deaktivierte sowie eigene #RootCA-Zertifikate mit root-Rechten sichern und wiederherstellen kann.
Good news: the Chinese #CA https://www.bjca.cn/ (that is currently in the process of joining the #RootCA program in all our web browsers) has confirmed they have strong technical controls that separate their root CA business from their alleged #spyware business.
Bad news: The alleged spyware business, and tge fact these are bother under control of the same business.
We have a secretive company with a lot of shady connections and no real office. Ok, there are plenty of them, you say. Yes, but the others don't operate root CAs, the businesses that secure our Internet traffic. 🚩
They also claim to provide end-to-end encrypted mail, but are able to decrypt them. 😱 Reminds me of #Anom…
What could possibly go wrong?
#RootCA #CA #TrustCor
https://www.washingtonpost.com/technology/2022/11/08/trustcor-internet-addresses-government-connections/
VTC News Bot
Hacker News
betamax65
Nekodojo
Jack Speed
kurtseifried (he/him)
keen456
keen456
𝙲𝚑𝚛𝚒𝚜𝚝𝚒𝚊𝚗 𝚂𝚌𝚑𝚖𝚒𝚍𝚝
charleselliott
Marcel Waldvogel